3.4.1.REST API Security - Introduction
Application security
An attack can occur on almost any of these points
The attacker can attack the application and manipulate the data or steal the identity
The attacker can look at the abilities understand the abilities of the gateway and that will connect to the backend system
The attacker can bleach the firewall and go directly to the server
Bottom line is: think about security at every touch point in the API, not just API implementation
Mobile application concern
Data security
Always use TLS/ HTTPS for REST API
API security
Authentication
Authorization
Functional attacks
Last updated
Was this helpful?